You can configure a whitelist for each endpoint of your Message Queue for Apache Kafka instance. Only the IP addresses and ports in the whitelist can use the corresponding endpoint to connect to the Message Queue for Apache Kafka instance.
A Message Queue for Apache Kafka instance is purchased and deployed, and it is in the Running state.
- A whitelist can contain a maximum of 200 entries.
- You can specify multiple IP addresses and CIDR blocks in each entry that you add to a whitelist. Separate multiple IP addresses or CIDR blocks with commas (,).
- You can remove entries from a whitelist and add entries to a whitelist. You can remove or add a single entry at a time.
- If a whitelist contains only one entry, you can remove the entry from the whitelist. After the entry is removed, you can no longer access the Message Queue for Apache Kafka instance by using ports within the supported port range. Make sure that you are fully aware of the impact of this removal operation on your business.
Add a whitelist
To add IP addresses or CIDR blocks to a whitelist, perform the following steps:
- Log on to the Message Queue for Apache Kafka console. In the Resource Distribution section of the Overview page, click the name of the region where your instance is deployed.
- On the Instances page, click the name of the instance that you want to manage.
- In the Endpoint Information section of the Instance Details page, find the endpoint for which you want to configure the whitelist and click Manage Whitelist in the Actions column.
- On the Whitelist Management page, click Create Whitelist, set the Name and IP addresses or CIDR blocks, and then click OK.
Delete a whitelist
- On the Instance Details page, click Whitelist Management in the left-side navigation pane.
- Find the whitelist to which the IP address or CIDR block to be deleted belongs, and then click Modify.
- In the Modify Whitelist panel, find the IP address or CIDR block that you want to delete and click Delete. In the lower part of the panel, click Modify.